package zack.gateway.core.authorization.auth;

import zack.gateway.core.authorization.GatewayAuthorizingToken;
import zack.gateway.core.authorization.IAuth;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;


/**认证服务
 * @author A1793
 */
public class AuthService implements IAuth {

    private Subject subject;

    public AuthService() {

        //根据本地配置，从security工厂生成manager
        IniSecurityManagerFactory iniSecurityManagerFactory = new IniSecurityManagerFactory("classpath:shiro.ini");
        SecurityManager securityManager = iniSecurityManagerFactory.getInstance();
        SecurityUtils.setSecurityManager(securityManager);
        this.subject = SecurityUtils.getSubject();

    }

    @Override
    public boolean validate(String id, String token) {

       try{
           subject.login(new GatewayAuthorizingToken(id, token));
           return subject.isAuthenticated();
       }finally {
           subject.logout();
       }
    }

}
